The digital transformation in Cameroon presents critical cybersecurity challenges that demand immediate attention and strategic intervention. This comprehensive analysis examines the evolving cybersecurity landscape i...The digital transformation in Cameroon presents critical cybersecurity challenges that demand immediate attention and strategic intervention. This comprehensive analysis examines the evolving cybersecurity landscape in Cameroon from 2020 to 2023, during which cyber-attacks increased by 156% and financial losses from digital fraud exceeded $45 million. This research identifies significant vulnerabilities in Cameroon’s cybersecurity ecosystem through a rigorous assessment of national infrastructure, policy frameworks, and institutional capacities. Recent data indicates that while digital service adoption has grown exponentially, with internet penetration reaching 35.2% in 2023, cybersecurity measures have lagged significantly behind international standards. This analysis draws on comprehensive data from multiple sectors, including financial services, government institutions, and telecommunications, incorporating findings from the National Cybersecurity Assessment Program and the Digital Infrastructure Security Report. The research reveals that 73% of organizations lack dedicated security teams, while response times to cyber incidents average 72 hours—three times than the global standard. Based on these findings, this paper proposes evidence-based solutions for enhancing digital resilience, including policy modernization, capacity-building initiatives, and technical infrastructure development. The recommendations encompass short-term tactical responses, medium-term strategic improvements, and long-term structural changes, providing a comprehensive roadmap for strengthening Cameroon’s national cybersecurity frameworks.展开更多
The NIST Cybersecurity Framework (NIST CSF) serves as a voluntary guideline aimed at helping organizations, tiny and medium-sized enterprises (SMEs), and critical infrastructure operators, effectively manage cyber ris...The NIST Cybersecurity Framework (NIST CSF) serves as a voluntary guideline aimed at helping organizations, tiny and medium-sized enterprises (SMEs), and critical infrastructure operators, effectively manage cyber risks. Although comprehensive, the complexity of the NIST CSF can be overwhelming, especially for those lacking extensive cybersecurity resources. Current implementation tools often cater to larger companies, neglecting the specific needs of SMEs, which can be vulnerable to cyber threats. To address this gap, our research proposes a user-friendly, open-source web platform designed to simplify the implementation of the NIST CSF. This platform enables organizations to assess their risk exposure and continuously monitor their cybersecurity maturity through tailored recommendations based on their unique profiles. Our methodology includes a literature review of existing tools and standards, followed by a description of the platform’s design and architecture. Initial tests with SMEs in Burkina Faso reveal a concerning cybersecurity maturity level, indicating the urgent need for improved strategies based on our findings. By offering an intuitive interface and cross-platform accessibility, this solution aims to empower organizations to enhance their cybersecurity resilience in an evolving threat landscape. The article concludes with discussions on the practical implications and future enhancements of the tool.展开更多
The concept of Supply Chain 4.0 represents a transformative phase in supply chain management through advanced digital technologies like IoT, AI, blockchain, and cyber-physical systems. While these innovations deliver ...The concept of Supply Chain 4.0 represents a transformative phase in supply chain management through advanced digital technologies like IoT, AI, blockchain, and cyber-physical systems. While these innovations deliver operational improvements, the heightened interconnectivity introduces significant cybersecurity challenges, particularly within military logistics, where mission-critical operations and life-safety concerns are paramount. This paper examines these unique cybersecurity requirements, focusing on advanced persistent threats, supply chain poisoning, and data breaches that could compromise sensitive operations. The study proposes a hybrid cybersecurity framework tailored to military logistics, integrating resilience, redundancy, and cross-jurisdictional security measures. Real-world applicability is validated through simulations, offering strategies for securing supply chains while balancing security, efficiency, and flexibility.展开更多
The European Standardization Organizations(ESOs),CEN,CENELEC and ETSI,joined forces with ENISA,the EU Agency for Cybersecurity,to host the 9th Cybersecurity Standardization Conference on March 20 in Brussels,Belgium.
Small and Medium-sized Enterprises (SMEs) are considered the backbone of global economy, but they often face cyberthreats which threaten their financial stability and operational continuity. This work aims to offer a ...Small and Medium-sized Enterprises (SMEs) are considered the backbone of global economy, but they often face cyberthreats which threaten their financial stability and operational continuity. This work aims to offer a proactive cybersecurity approach to safeguard SMEs against these threats. Furthermore, to mitigate these risks, we propose a comprehensive framework of practical and scalable cybersecurity measurements/protocols specifically for SMEs. These measures encompass a spectrum of solutions, from technological fortifications to employee training initiatives and regulatory compliance strategies, in an effort to cultivate resilience and awareness among SMEs. Additionally, we introduce a specially designed a Java-based questionnaire software tool in order to provide an initial framework for essential cybersecurity measures and evaluation for SMEs. This tool covers crucial topics such as social engineering and phishing attempts, implementing antimalware and ransomware defense mechanisms, secure data management and backup strategies and methods for preventing insider threats. By incorporating globally recognized frameworks and standards like ISO/IEC 27001 and NIST guidelines, this questionnaire offers a roadmap for establishing and enhancing cybersecurity measures.展开更多
The increasing reliance on digital infrastructure in modern healthcare systems has introduced significant cybersecurity challenges,particularly in safeguarding sensitive patient data and maintaining the integrity of m...The increasing reliance on digital infrastructure in modern healthcare systems has introduced significant cybersecurity challenges,particularly in safeguarding sensitive patient data and maintaining the integrity of medical services.As healthcare becomes more data-driven,cyberattacks targeting these systems continue to rise,necessitating the development of robust,domain-adapted Intrusion Detection Systems(IDS).However,current IDS solutions often lack access to domain-specific datasets that reflect realistic threat scenarios in healthcare.To address this gap,this study introduces HCKDDCUP,a synthetic dataset modeled on the widely used KDDCUP benchmark,augmented with healthcare-relevant attributes such as patient data,treatments,and diagnoses to better simulate the unique conditions of clinical environments.This research applies standard machine learning algorithms Random Forest(RF),Decision Tree(DT),and K-Nearest Neighbors(KNN)to both the KDDCUP and HCKDDCUP datasets.The methodology includes data preprocessing,feature selection,dimensionality reduction,and comparative performance evaluation.Experimental results show that the RF model performed best,achieving 98%accuracy on KDDCUP and 99%on HCKDDCUP,highlighting its effectiveness in detecting cyber intrusions within a healthcare-specific context.This work contributes a valuable resource for future research and underscores the need for IDS development tailored to sector-specific requirements.展开更多
This paper presents a novel blockchain-embedded cybersecurity framework for industrial solar power systems,integrating immutable machine learning(ML)with distributed ledger technology.Our contribution focused on three...This paper presents a novel blockchain-embedded cybersecurity framework for industrial solar power systems,integrating immutable machine learning(ML)with distributed ledger technology.Our contribution focused on three factors,Quantum-resistant feature engineering using theUNSW-NB15 dataset adapted for solar infrastructure anomalies.An enhanced Light Gradient Boosting Machine(LightGBM)classifier with blockchain-validated decision thresholds,and A cryptographic proof-of-threat(PoT)consensus mechanism for cyber attack verification.The proposed Immutable LightGBM model with majority voting and cryptographic feature encoding achieves 96.9% detection accuracy with 0.97 weighted average of precision,recall and F1-score,outperforming conventional intrusion detection systems(IDSs)by 12.7% in false positive reduction.The blockchain layer demonstrates a 2.4-s average block confirmation time with 256-bit SHA-3 hashing,enabling real-time threat logging in photovoltaic networks.Experimental results improve in attack traceability compared to centralized security systems,establishing new benchmarks for trustworthy anomaly detection in smart grid infrastructures.This study also compared traditional and hybrid ML based blockchian driven IDSs and attained better classification results.The proposed framework not only delivers a resilient,adaptable threat mitigation system(TMS)for Industry 4.0 solar powered infrastructure but also attains high explainability,scalability with tamper-proof logs,and remarkably exceptional ability of endurance to cyber attacks.展开更多
This study investigates the critical intersection of cyberpsychology and cybersecurity policy development in small and medium-sized enterprises (SMEs). Through a mixed-methods approach incorporating surveys of 523 emp...This study investigates the critical intersection of cyberpsychology and cybersecurity policy development in small and medium-sized enterprises (SMEs). Through a mixed-methods approach incorporating surveys of 523 employees across 78 SMEs, qualitative interviews, and case studies, the research examines how psychological factors influence cybersecurity behaviors and policy effectiveness. Key findings reveal significant correlations between psychological factors and security outcomes, including the relationship between self-efficacy and policy compliance (r = 0.42, p β = 0.37, p < 0.001). The study identifies critical challenges in risk perception, policy complexity, and organizational culture affecting SME cybersecurity implementation. Results demonstrate that successful cybersecurity initiatives require the integration of psychological principles with technical solutions. The research provides a framework for developing human-centric security policies that address both behavioral and technical aspects of cybersecurity in resource-constrained environments.展开更多
The increasing sophistication of cyberattacks,coupled with the limitations of rule-based detection systems,underscores the urgent need for proactive and intelligent cybersecurity solutions.Traditional intrusion detect...The increasing sophistication of cyberattacks,coupled with the limitations of rule-based detection systems,underscores the urgent need for proactive and intelligent cybersecurity solutions.Traditional intrusion detection systems often struggle with detecting early-stage threats,particularly in dynamic environments such as IoT,SDNs,and cloud infrastructures.These systems are hindered by high false positive rates,poor adaptability to evolving threats,and reliance on large labeled datasets.To address these challenges,this paper introduces CyberGuard-X,an AI-driven framework designed to identify attack precursors—subtle indicators of malicious intent—before full-scale intrusions occur.CyberGuard-X integrates anomaly detection,time-series analysis,and multi-stage classification within a scalable architecture.The model leverages deep learning techniques such as autoencoders,LSTM networks,and Transformer layers,supported by semi-supervised learning to enhance detection of zero-day and rare threats.Extensive experiments on benchmark datasets(CICIDS2017,CSE-CIC-IDS2018,and UNSW-NB15)demonstrate strong results,including 96.1%accuracy,94.7%precision,and 95.3%recall,while achieving a zero-day detection rate of 84.5%.With an inference time of 12.8 ms and 34.5%latency reduction,the model supports real-time deployment in resource-constrained environments.CyberGuard-X not only surpasses baseline models like LSTM and Random Forest but also enhances proactive threat mitigation across diverse network settings.展开更多
Taking the cooperation between China and Pakistan as an example,this paper expounds on the current situation,governance concept,obstacles to cooperation,and differentiated policies of Western countries in the areas of...Taking the cooperation between China and Pakistan as an example,this paper expounds on the current situation,governance concept,obstacles to cooperation,and differentiated policies of Western countries in the areas of cybersecurity,the role of new e-commerce platforms,and digital sovereignty of BRICS countries.It aims to promote inter-governmental cooperation through civil dialogue and lead information technology cooperation among developing countries through the BRICS mechanism,as well as to collaborate to establish guidelines for global cybersecurity,new e-commerce platforms,and digital sovereignty.展开更多
The growing sophistication of cyberthreats,among others the Distributed Denial of Service attacks,has exposed limitations in traditional rule-based Security Information and Event Management systems.While machine learn...The growing sophistication of cyberthreats,among others the Distributed Denial of Service attacks,has exposed limitations in traditional rule-based Security Information and Event Management systems.While machine learning–based intrusion detection systems can capture complex network behaviours,their“black-box”nature often limits trust and actionable insight for security operators.This study introduces a novel approach that integrates Explainable Artificial Intelligence—xAI—with the Random Forest classifier to derive human-interpretable rules,thereby enhancing the detection of Distributed Denial of Service(DDoS)attacks.The proposed framework combines traditional static rule formulation with advanced xAI techniques—SHapley Additive exPlanations and Scoped Rules-to extract decision criteria from a fully trained model.The methodology was validated on two benchmark datasets,CICIDS2017 and WUSTL-IIOT-2021.Extracted rules were evaluated against conventional Security Information and Event Management Systems rules with metrics such as precision,recall,accuracy,balanced accuracy,and Matthews Correlation Coefficient.Experimental results demonstrate that xAI-derived rules consistently outperform traditional static rules.Notably,the most refined xAI-generated rule achieved near-perfect performance with significantly improved detection of DDoS traffic while maintaining high accuracy in classifying benign traffic across both datasets.展开更多
With the rapid development of information technology, the deep integration of the financial sector and the internet has become a key driving force for economic growth. However, while this trend brings convenience, it ...With the rapid development of information technology, the deep integration of the financial sector and the internet has become a key driving force for economic growth. However, while this trend brings convenience, it also poses significant cybersecurity challenges to the financial sector. This study comprehensively analyzes the current state, challenges, and protective measures of cybersecurity in the financial sector, aiming to provide important references for financial institutions in formulating cybersecurity strategies and enhancing risk management.展开更多
The proliferation of smart communities in Foshan has led to increasingly diverse and prevalent cybersecurity risks for residents.This trend has rendered traditional cybersecurity education models inadequate in address...The proliferation of smart communities in Foshan has led to increasingly diverse and prevalent cybersecurity risks for residents.This trend has rendered traditional cybersecurity education models inadequate in addressing the challenges of the digital era.Guided by the theory of collaborative governance and the framework of digital transformation,this paper examines the multi-stakeholder collaborative mechanism involving the government,businesses,community organizations,universities,and residents.It subsequently proposes a series of implementation strategies such as digitizing educational content,intellectualizing platforms,contextualizing delivery methods,and refining management precision.Studies demonstrate that this model enables effective resource integration,improves educational precision,and boosts resident engagement.It represents a fundamental shift from unilateral dissemination to multi-party interaction and from decentralized management to collaborative synergy,offering a replicable“Foshan Model”for digital governance at the community level.展开更多
The efficient transmission of images,which plays a large role inwireless communication systems,poses a significant challenge in the growth of multimedia technology.High-quality images require well-tuned communication ...The efficient transmission of images,which plays a large role inwireless communication systems,poses a significant challenge in the growth of multimedia technology.High-quality images require well-tuned communication standards.The Single Carrier Frequency Division Multiple Access(SC-FDMA)is adopted for broadband wireless communications,because of its low sensitivity to carrier frequency offsets and low Peak-to-Average Power Ratio(PAPR).Data transmission through open-channel networks requires much concentration on security,reliability,and integrity.The data need a space away fromunauthorized access,modification,or deletion.These requirements are to be fulfilled by digital image watermarking and encryption.This paper ismainly concerned with secure image communication over the wireless SC-FDMA systemas an adopted communication standard.It introduces a robust image communication framework over SC-FDMA that comprises digital image watermarking and encryption to improve image security,while maintaining a high-quality reconstruction of images at the receiver side.The proposed framework allows image watermarking based on the Discrete Cosine Transform(DCT)merged with the Singular Value Decomposition(SVD)in the so-called DCT-SVD watermarking.In addition,image encryption is implemented based on chaos and DNA encoding.The encrypted watermarked images are then transmitted through the wireless SC-FDMA system.The linearMinimumMean Square Error(MMSE)equalizer is investigated in this paper to mitigate the effect of channel fading and noise on the transmitted images.Two subcarrier mapping schemes,namely localized and interleaved schemes,are compared in this paper.The study depends on different channelmodels,namely PedestrianAandVehicularA,with a modulation technique namedQuadratureAmplitude Modulation(QAM).Extensive simulation experiments are conducted and introduced in this paper for efficient transmission of encrypted watermarked images.In addition,different variants of SC-FDMA based on the Discrete Wavelet Transform(DWT),Discrete Cosine Transform(DCT),and Fast Fourier Transform(FFT)are considered and compared for the image communication task.The simulation results and comparison demonstrate clearly that DWT-SC-FDMAis better suited to the transmission of the digital images in the case of PedestrianAchannels,while the DCT-SC-FDMA is better suited to the transmission of the digital images in the case of Vehicular A channels.展开更多
Blockchain-enabled cybersecurity system to ensure and strengthen decentralized digital transaction is gradually gaining popularity in the digital era for various areas like finance,transportation,healthcare,education,...Blockchain-enabled cybersecurity system to ensure and strengthen decentralized digital transaction is gradually gaining popularity in the digital era for various areas like finance,transportation,healthcare,education,and supply chain management.Blockchain interactions in the heterogeneous network have fascinated more attention due to the authentication of their digital application exchanges.However,the exponential development of storage space capabilities across the blockchain-based heterogeneous network has become an important issue in preventing blockchain distribution and the extension of blockchain nodes.There is the biggest challenge of data integrity and scalability,including significant computing complexity and inapplicable latency on regional network diversity,operating system diversity,bandwidth diversity,node diversity,etc.,for decision-making of data transactions across blockchain-based heterogeneous networks.Data security and privacy have also become the main concerns across the heterogeneous network to build smart IoT ecosystems.To address these issues,today’s researchers have explored the potential solutions of the capability of heterogeneous network devices to perform data transactions where the system stimulates their integration reliably and securely with blockchain.The key goal of this paper is to conduct a state-of-the-art and comprehensive survey on cybersecurity enhancement using blockchain in the heterogeneous network.This paper proposes a full-fledged taxonomy to identify the main obstacles,research gaps,future research directions,effective solutions,andmost relevant blockchain-enabled cybersecurity systems.In addition,Blockchain based heterogeneous network framework with cybersecurity is proposed in this paper tomeet the goal of maintaining optimal performance data transactions among organizations.Overall,this paper provides an in-depth description based on the critical analysis to overcome the existing work gaps for future research where it presents a potential cybersecurity design with key requirements of blockchain across a heterogeneous network.展开更多
Spear Phishing Attacks(SPAs)pose a significant threat to the healthcare sector,resulting in data breaches,financial losses,and compromised patient confidentiality.Traditional defenses,such as firewalls and antivirus s...Spear Phishing Attacks(SPAs)pose a significant threat to the healthcare sector,resulting in data breaches,financial losses,and compromised patient confidentiality.Traditional defenses,such as firewalls and antivirus software,often fail to counter these sophisticated attacks,which target human vulnerabilities.To strengthen defenses,healthcare organizations are increasingly adopting Machine Learning(ML)techniques.ML-based SPA defenses use advanced algorithms to analyze various features,including email content,sender behavior,and attachments,to detect potential threats.This capability enables proactive security measures that address risks in real-time.The interpretability of ML models fosters trust and allows security teams to continuously refine these algorithms as new attack methods emerge.Implementing ML techniques requires integrating diverse data sources,such as electronic health records,email logs,and incident reports,which enhance the algorithms’learning environment.Feedback from end-users further improves model performance.Among tested models,the hierarchical models,Convolutional Neural Network(CNN)achieved the highest accuracy at 99.99%,followed closely by the sequential Bidirectional Long Short-Term Memory(BiLSTM)model at 99.94%.In contrast,the traditional Multi-Layer Perceptron(MLP)model showed an accuracy of 98.46%.This difference underscores the superior performance of advanced sequential and hierarchical models in detecting SPAs compared to traditional approaches.展开更多
In the rapidly evolving field of cybersecurity,the challenge of providing realistic exercise scenarios that accurately mimic real-world threats has become increasingly critical.Traditional methods often fall short in ...In the rapidly evolving field of cybersecurity,the challenge of providing realistic exercise scenarios that accurately mimic real-world threats has become increasingly critical.Traditional methods often fall short in capturing the dynamic and complex nature of modern cyber threats.To address this gap,we propose a comprehensive framework designed to create authentic network environments tailored for cybersecurity exercise systems.Our framework leverages advanced simulation techniques to generate scenarios that mirror actual network conditions faced by professionals in the field.The cornerstone of our approach is the use of a conditional tabular generative adversarial network(CTGAN),a sophisticated tool that synthesizes realistic synthetic network traffic by learning fromreal data patterns.This technology allows us to handle technical components and sensitive information with high fidelity,ensuring that the synthetic data maintains statistical characteristics similar to those observed in real network environments.By meticulously analyzing the data collected from various network layers and translating these into structured tabular formats,our framework can generate network traffic that closely resembles that found in actual scenarios.An integral part of our process involves deploying this synthetic data within a simulated network environment,structured on software-defined networking(SDN)principles,to test and refine the traffic patterns.This simulation not only facilitates a direct comparison between the synthetic and real traffic but also enables us to identify discrepancies and refine the accuracy of our simulations.Our initial findings indicate an error rate of approximately 29.28%between the synthetic and real traffic data,highlighting areas for further improvement and adjustment.By providing a diverse array of network scenarios through our framework,we aim to enhance the exercise systems used by cybersecurity professionals.This not only improves their ability to respond to actual cyber threats but also ensures that the exercise is cost-effective and efficient.展开更多
In the digital age, the global character of the Internet has significantly improved our daily lives by providing access to large amounts of knowledge and allowing for seamless connections. However, this enormously int...In the digital age, the global character of the Internet has significantly improved our daily lives by providing access to large amounts of knowledge and allowing for seamless connections. However, this enormously interconnected world is not without its risks. Malicious URLs are a powerful menace, masquerading as legitimate links while holding the intent to hack computer systems or steal sensitive personal information. As the sophistication and frequency of cyberattacks increase, identifying bad URLs has emerged as a critical aspect of cybersecurity. This study presents a new approach that enables the average end-user to check URL safety using Microsoft Excel. Using the powerful VirusTotal API for URL inspections, this study creates an Excel add-in that integrates Python and Excel to deliver a seamless, user-friendly interface. Furthermore, the study improves Excel’s capabilities by allowing users to encrypt and decrypt text communications directly in the spreadsheet. Users may easily encrypt their conversations by simply typing a key and the required text into predefined cells, enhancing their personal cybersecurity with a layer of cryptographic secrecy. This strategy democratizes access to advanced cybersecurity solutions, making attentive digital integrity a feature rather than a daunting burden.展开更多
This study investigates how cybersecurity can be enhanced through cloud computing solutions in the United States. The motive for this study is due to the rampant loss of data, breaches, and unauthorized access of inte...This study investigates how cybersecurity can be enhanced through cloud computing solutions in the United States. The motive for this study is due to the rampant loss of data, breaches, and unauthorized access of internet criminals in the United States. The study adopted a survey research design, collecting data from 890 cloud professionals with relevant knowledge of cybersecurity and cloud computing. A machine learning approach was adopted, specifically a random forest classifier, an ensemble, and a decision tree model. Out of the features in the data, ten important features were selected using random forest feature importance, which helps to achieve the objective of the study. The study’s purpose is to enable organizations to develop suitable techniques to prevent cybercrime using random forest predictions as they relate to cloud services in the United States. The effectiveness of the models used is evaluated by utilizing validation matrices that include recall values, accuracy, and precision, in addition to F1 scores and confusion matrices. Based on evaluation scores (accuracy, precision, recall, and F1 scores) of 81.9%, 82.6%, and 82.1%, the results demonstrated the effectiveness of the random forest model. It showed the importance of machine learning algorithms in preventing cybercrime and boosting security in the cloud environment. It recommends that other machine learning models be adopted to see how to improve cybersecurity through cloud computing.展开更多
The research consistently highlights the gender disparity in cybersecurity leadership roles, necessitating targeted interventions. Biased recruitment practices, limited STEM education opportunities for girls, and work...The research consistently highlights the gender disparity in cybersecurity leadership roles, necessitating targeted interventions. Biased recruitment practices, limited STEM education opportunities for girls, and workplace culture contribute to this gap. Proposed solutions include addressing biased recruitment through gender-neutral language and blind processes, promoting STEM education for girls to increase qualified female candidates, and fostering inclusive workplace cultures with mentorship and sponsorship programs. Gender parity is crucial for the industry’s success, as embracing diversity enables the cybersecurity sector to leverage various perspectives, drive innovation, and effectively combat cyber threats. Achieving this balance is not just about fairness but also a strategic imperative. By embracing concerted efforts towards gender parity, we can create a more resilient and impactful cybersecurity landscape, benefiting industry and society.展开更多
文摘The digital transformation in Cameroon presents critical cybersecurity challenges that demand immediate attention and strategic intervention. This comprehensive analysis examines the evolving cybersecurity landscape in Cameroon from 2020 to 2023, during which cyber-attacks increased by 156% and financial losses from digital fraud exceeded $45 million. This research identifies significant vulnerabilities in Cameroon’s cybersecurity ecosystem through a rigorous assessment of national infrastructure, policy frameworks, and institutional capacities. Recent data indicates that while digital service adoption has grown exponentially, with internet penetration reaching 35.2% in 2023, cybersecurity measures have lagged significantly behind international standards. This analysis draws on comprehensive data from multiple sectors, including financial services, government institutions, and telecommunications, incorporating findings from the National Cybersecurity Assessment Program and the Digital Infrastructure Security Report. The research reveals that 73% of organizations lack dedicated security teams, while response times to cyber incidents average 72 hours—three times than the global standard. Based on these findings, this paper proposes evidence-based solutions for enhancing digital resilience, including policy modernization, capacity-building initiatives, and technical infrastructure development. The recommendations encompass short-term tactical responses, medium-term strategic improvements, and long-term structural changes, providing a comprehensive roadmap for strengthening Cameroon’s national cybersecurity frameworks.
文摘The NIST Cybersecurity Framework (NIST CSF) serves as a voluntary guideline aimed at helping organizations, tiny and medium-sized enterprises (SMEs), and critical infrastructure operators, effectively manage cyber risks. Although comprehensive, the complexity of the NIST CSF can be overwhelming, especially for those lacking extensive cybersecurity resources. Current implementation tools often cater to larger companies, neglecting the specific needs of SMEs, which can be vulnerable to cyber threats. To address this gap, our research proposes a user-friendly, open-source web platform designed to simplify the implementation of the NIST CSF. This platform enables organizations to assess their risk exposure and continuously monitor their cybersecurity maturity through tailored recommendations based on their unique profiles. Our methodology includes a literature review of existing tools and standards, followed by a description of the platform’s design and architecture. Initial tests with SMEs in Burkina Faso reveal a concerning cybersecurity maturity level, indicating the urgent need for improved strategies based on our findings. By offering an intuitive interface and cross-platform accessibility, this solution aims to empower organizations to enhance their cybersecurity resilience in an evolving threat landscape. The article concludes with discussions on the practical implications and future enhancements of the tool.
文摘The concept of Supply Chain 4.0 represents a transformative phase in supply chain management through advanced digital technologies like IoT, AI, blockchain, and cyber-physical systems. While these innovations deliver operational improvements, the heightened interconnectivity introduces significant cybersecurity challenges, particularly within military logistics, where mission-critical operations and life-safety concerns are paramount. This paper examines these unique cybersecurity requirements, focusing on advanced persistent threats, supply chain poisoning, and data breaches that could compromise sensitive operations. The study proposes a hybrid cybersecurity framework tailored to military logistics, integrating resilience, redundancy, and cross-jurisdictional security measures. Real-world applicability is validated through simulations, offering strategies for securing supply chains while balancing security, efficiency, and flexibility.
文摘The European Standardization Organizations(ESOs),CEN,CENELEC and ETSI,joined forces with ENISA,the EU Agency for Cybersecurity,to host the 9th Cybersecurity Standardization Conference on March 20 in Brussels,Belgium.
文摘Small and Medium-sized Enterprises (SMEs) are considered the backbone of global economy, but they often face cyberthreats which threaten their financial stability and operational continuity. This work aims to offer a proactive cybersecurity approach to safeguard SMEs against these threats. Furthermore, to mitigate these risks, we propose a comprehensive framework of practical and scalable cybersecurity measurements/protocols specifically for SMEs. These measures encompass a spectrum of solutions, from technological fortifications to employee training initiatives and regulatory compliance strategies, in an effort to cultivate resilience and awareness among SMEs. Additionally, we introduce a specially designed a Java-based questionnaire software tool in order to provide an initial framework for essential cybersecurity measures and evaluation for SMEs. This tool covers crucial topics such as social engineering and phishing attempts, implementing antimalware and ransomware defense mechanisms, secure data management and backup strategies and methods for preventing insider threats. By incorporating globally recognized frameworks and standards like ISO/IEC 27001 and NIST guidelines, this questionnaire offers a roadmap for establishing and enhancing cybersecurity measures.
基金supported and funded by the Deanship of Scientific Research at Imam Mohammad Ibn Saud Islamic University(IMSIU)(grant number IMSIU-DDRSP2501).
文摘The increasing reliance on digital infrastructure in modern healthcare systems has introduced significant cybersecurity challenges,particularly in safeguarding sensitive patient data and maintaining the integrity of medical services.As healthcare becomes more data-driven,cyberattacks targeting these systems continue to rise,necessitating the development of robust,domain-adapted Intrusion Detection Systems(IDS).However,current IDS solutions often lack access to domain-specific datasets that reflect realistic threat scenarios in healthcare.To address this gap,this study introduces HCKDDCUP,a synthetic dataset modeled on the widely used KDDCUP benchmark,augmented with healthcare-relevant attributes such as patient data,treatments,and diagnoses to better simulate the unique conditions of clinical environments.This research applies standard machine learning algorithms Random Forest(RF),Decision Tree(DT),and K-Nearest Neighbors(KNN)to both the KDDCUP and HCKDDCUP datasets.The methodology includes data preprocessing,feature selection,dimensionality reduction,and comparative performance evaluation.Experimental results show that the RF model performed best,achieving 98%accuracy on KDDCUP and 99%on HCKDDCUP,highlighting its effectiveness in detecting cyber intrusions within a healthcare-specific context.This work contributes a valuable resource for future research and underscores the need for IDS development tailored to sector-specific requirements.
文摘This paper presents a novel blockchain-embedded cybersecurity framework for industrial solar power systems,integrating immutable machine learning(ML)with distributed ledger technology.Our contribution focused on three factors,Quantum-resistant feature engineering using theUNSW-NB15 dataset adapted for solar infrastructure anomalies.An enhanced Light Gradient Boosting Machine(LightGBM)classifier with blockchain-validated decision thresholds,and A cryptographic proof-of-threat(PoT)consensus mechanism for cyber attack verification.The proposed Immutable LightGBM model with majority voting and cryptographic feature encoding achieves 96.9% detection accuracy with 0.97 weighted average of precision,recall and F1-score,outperforming conventional intrusion detection systems(IDSs)by 12.7% in false positive reduction.The blockchain layer demonstrates a 2.4-s average block confirmation time with 256-bit SHA-3 hashing,enabling real-time threat logging in photovoltaic networks.Experimental results improve in attack traceability compared to centralized security systems,establishing new benchmarks for trustworthy anomaly detection in smart grid infrastructures.This study also compared traditional and hybrid ML based blockchian driven IDSs and attained better classification results.The proposed framework not only delivers a resilient,adaptable threat mitigation system(TMS)for Industry 4.0 solar powered infrastructure but also attains high explainability,scalability with tamper-proof logs,and remarkably exceptional ability of endurance to cyber attacks.
文摘This study investigates the critical intersection of cyberpsychology and cybersecurity policy development in small and medium-sized enterprises (SMEs). Through a mixed-methods approach incorporating surveys of 523 employees across 78 SMEs, qualitative interviews, and case studies, the research examines how psychological factors influence cybersecurity behaviors and policy effectiveness. Key findings reveal significant correlations between psychological factors and security outcomes, including the relationship between self-efficacy and policy compliance (r = 0.42, p β = 0.37, p < 0.001). The study identifies critical challenges in risk perception, policy complexity, and organizational culture affecting SME cybersecurity implementation. Results demonstrate that successful cybersecurity initiatives require the integration of psychological principles with technical solutions. The research provides a framework for developing human-centric security policies that address both behavioral and technical aspects of cybersecurity in resource-constrained environments.
文摘The increasing sophistication of cyberattacks,coupled with the limitations of rule-based detection systems,underscores the urgent need for proactive and intelligent cybersecurity solutions.Traditional intrusion detection systems often struggle with detecting early-stage threats,particularly in dynamic environments such as IoT,SDNs,and cloud infrastructures.These systems are hindered by high false positive rates,poor adaptability to evolving threats,and reliance on large labeled datasets.To address these challenges,this paper introduces CyberGuard-X,an AI-driven framework designed to identify attack precursors—subtle indicators of malicious intent—before full-scale intrusions occur.CyberGuard-X integrates anomaly detection,time-series analysis,and multi-stage classification within a scalable architecture.The model leverages deep learning techniques such as autoencoders,LSTM networks,and Transformer layers,supported by semi-supervised learning to enhance detection of zero-day and rare threats.Extensive experiments on benchmark datasets(CICIDS2017,CSE-CIC-IDS2018,and UNSW-NB15)demonstrate strong results,including 96.1%accuracy,94.7%precision,and 95.3%recall,while achieving a zero-day detection rate of 84.5%.With an inference time of 12.8 ms and 34.5%latency reduction,the model supports real-time deployment in resource-constrained environments.CyberGuard-X not only surpasses baseline models like LSTM and Random Forest but also enhances proactive threat mitigation across diverse network settings.
文摘Taking the cooperation between China and Pakistan as an example,this paper expounds on the current situation,governance concept,obstacles to cooperation,and differentiated policies of Western countries in the areas of cybersecurity,the role of new e-commerce platforms,and digital sovereignty of BRICS countries.It aims to promote inter-governmental cooperation through civil dialogue and lead information technology cooperation among developing countries through the BRICS mechanism,as well as to collaborate to establish guidelines for global cybersecurity,new e-commerce platforms,and digital sovereignty.
基金funded under the Horizon Europe AI4CYBER Projectwhich has received funding from the European Union’s Horizon Europe Research and Innovation Programme under grant agreement No.101070450.
文摘The growing sophistication of cyberthreats,among others the Distributed Denial of Service attacks,has exposed limitations in traditional rule-based Security Information and Event Management systems.While machine learning–based intrusion detection systems can capture complex network behaviours,their“black-box”nature often limits trust and actionable insight for security operators.This study introduces a novel approach that integrates Explainable Artificial Intelligence—xAI—with the Random Forest classifier to derive human-interpretable rules,thereby enhancing the detection of Distributed Denial of Service(DDoS)attacks.The proposed framework combines traditional static rule formulation with advanced xAI techniques—SHapley Additive exPlanations and Scoped Rules-to extract decision criteria from a fully trained model.The methodology was validated on two benchmark datasets,CICIDS2017 and WUSTL-IIOT-2021.Extracted rules were evaluated against conventional Security Information and Event Management Systems rules with metrics such as precision,recall,accuracy,balanced accuracy,and Matthews Correlation Coefficient.Experimental results demonstrate that xAI-derived rules consistently outperform traditional static rules.Notably,the most refined xAI-generated rule achieved near-perfect performance with significantly improved detection of DDoS traffic while maintaining high accuracy in classifying benign traffic across both datasets.
文摘With the rapid development of information technology, the deep integration of the financial sector and the internet has become a key driving force for economic growth. However, while this trend brings convenience, it also poses significant cybersecurity challenges to the financial sector. This study comprehensively analyzes the current state, challenges, and protective measures of cybersecurity in the financial sector, aiming to provide important references for financial institutions in formulating cybersecurity strategies and enhancing risk management.
基金2025 Foshan Social Science Planning Project,“Research on Pathways for Enhancing Cybersecurity Awareness Among Foshan Community Residents Empowered by Digital and Intelligent Technologies”(Project No.:2025-GJ091)。
文摘The proliferation of smart communities in Foshan has led to increasingly diverse and prevalent cybersecurity risks for residents.This trend has rendered traditional cybersecurity education models inadequate in addressing the challenges of the digital era.Guided by the theory of collaborative governance and the framework of digital transformation,this paper examines the multi-stakeholder collaborative mechanism involving the government,businesses,community organizations,universities,and residents.It subsequently proposes a series of implementation strategies such as digitizing educational content,intellectualizing platforms,contextualizing delivery methods,and refining management precision.Studies demonstrate that this model enables effective resource integration,improves educational precision,and boosts resident engagement.It represents a fundamental shift from unilateral dissemination to multi-party interaction and from decentralized management to collaborative synergy,offering a replicable“Foshan Model”for digital governance at the community level.
基金the Deanship of Scientific Research,Princess Nourah bint Abdulrahman University,through the Program of Research Project Funding After Publication,Grant No.(44-PRFA-P-131).
文摘The efficient transmission of images,which plays a large role inwireless communication systems,poses a significant challenge in the growth of multimedia technology.High-quality images require well-tuned communication standards.The Single Carrier Frequency Division Multiple Access(SC-FDMA)is adopted for broadband wireless communications,because of its low sensitivity to carrier frequency offsets and low Peak-to-Average Power Ratio(PAPR).Data transmission through open-channel networks requires much concentration on security,reliability,and integrity.The data need a space away fromunauthorized access,modification,or deletion.These requirements are to be fulfilled by digital image watermarking and encryption.This paper ismainly concerned with secure image communication over the wireless SC-FDMA systemas an adopted communication standard.It introduces a robust image communication framework over SC-FDMA that comprises digital image watermarking and encryption to improve image security,while maintaining a high-quality reconstruction of images at the receiver side.The proposed framework allows image watermarking based on the Discrete Cosine Transform(DCT)merged with the Singular Value Decomposition(SVD)in the so-called DCT-SVD watermarking.In addition,image encryption is implemented based on chaos and DNA encoding.The encrypted watermarked images are then transmitted through the wireless SC-FDMA system.The linearMinimumMean Square Error(MMSE)equalizer is investigated in this paper to mitigate the effect of channel fading and noise on the transmitted images.Two subcarrier mapping schemes,namely localized and interleaved schemes,are compared in this paper.The study depends on different channelmodels,namely PedestrianAandVehicularA,with a modulation technique namedQuadratureAmplitude Modulation(QAM).Extensive simulation experiments are conducted and introduced in this paper for efficient transmission of encrypted watermarked images.In addition,different variants of SC-FDMA based on the Discrete Wavelet Transform(DWT),Discrete Cosine Transform(DCT),and Fast Fourier Transform(FFT)are considered and compared for the image communication task.The simulation results and comparison demonstrate clearly that DWT-SC-FDMAis better suited to the transmission of the digital images in the case of PedestrianAchannels,while the DCT-SC-FDMA is better suited to the transmission of the digital images in the case of Vehicular A channels.
基金The authors would like to acknowledge the Institute for Big Data Analytics and Artificial Intelligence(IBDAAI),Universiti TeknologiMARA and the Ministry of Higher Education,Malaysia for the financial support through Fundamental Research Grant Scheme(FRGS)Grant No.FRGS/1/2021/ICT11/UITM/01/1.
文摘Blockchain-enabled cybersecurity system to ensure and strengthen decentralized digital transaction is gradually gaining popularity in the digital era for various areas like finance,transportation,healthcare,education,and supply chain management.Blockchain interactions in the heterogeneous network have fascinated more attention due to the authentication of their digital application exchanges.However,the exponential development of storage space capabilities across the blockchain-based heterogeneous network has become an important issue in preventing blockchain distribution and the extension of blockchain nodes.There is the biggest challenge of data integrity and scalability,including significant computing complexity and inapplicable latency on regional network diversity,operating system diversity,bandwidth diversity,node diversity,etc.,for decision-making of data transactions across blockchain-based heterogeneous networks.Data security and privacy have also become the main concerns across the heterogeneous network to build smart IoT ecosystems.To address these issues,today’s researchers have explored the potential solutions of the capability of heterogeneous network devices to perform data transactions where the system stimulates their integration reliably and securely with blockchain.The key goal of this paper is to conduct a state-of-the-art and comprehensive survey on cybersecurity enhancement using blockchain in the heterogeneous network.This paper proposes a full-fledged taxonomy to identify the main obstacles,research gaps,future research directions,effective solutions,andmost relevant blockchain-enabled cybersecurity systems.In addition,Blockchain based heterogeneous network framework with cybersecurity is proposed in this paper tomeet the goal of maintaining optimal performance data transactions among organizations.Overall,this paper provides an in-depth description based on the critical analysis to overcome the existing work gaps for future research where it presents a potential cybersecurity design with key requirements of blockchain across a heterogeneous network.
基金funded by the Deanship of Graduate Studies and Scientific Research at Jouf University under Grant Number(DGSSR-2023-02-02513).
文摘Spear Phishing Attacks(SPAs)pose a significant threat to the healthcare sector,resulting in data breaches,financial losses,and compromised patient confidentiality.Traditional defenses,such as firewalls and antivirus software,often fail to counter these sophisticated attacks,which target human vulnerabilities.To strengthen defenses,healthcare organizations are increasingly adopting Machine Learning(ML)techniques.ML-based SPA defenses use advanced algorithms to analyze various features,including email content,sender behavior,and attachments,to detect potential threats.This capability enables proactive security measures that address risks in real-time.The interpretability of ML models fosters trust and allows security teams to continuously refine these algorithms as new attack methods emerge.Implementing ML techniques requires integrating diverse data sources,such as electronic health records,email logs,and incident reports,which enhance the algorithms’learning environment.Feedback from end-users further improves model performance.Among tested models,the hierarchical models,Convolutional Neural Network(CNN)achieved the highest accuracy at 99.99%,followed closely by the sequential Bidirectional Long Short-Term Memory(BiLSTM)model at 99.94%.In contrast,the traditional Multi-Layer Perceptron(MLP)model showed an accuracy of 98.46%.This difference underscores the superior performance of advanced sequential and hierarchical models in detecting SPAs compared to traditional approaches.
基金supported in part by the Korea Research Institute for Defense Technology Planning and Advancement(KRIT)funded by the Korean Government’s Defense Acquisition Program Administration(DAPA)under Grant KRIT-CT-21-037in part by the Ministry of Education,Republic of Koreain part by the National Research Foundation of Korea under Grant RS-2023-00211871.
文摘In the rapidly evolving field of cybersecurity,the challenge of providing realistic exercise scenarios that accurately mimic real-world threats has become increasingly critical.Traditional methods often fall short in capturing the dynamic and complex nature of modern cyber threats.To address this gap,we propose a comprehensive framework designed to create authentic network environments tailored for cybersecurity exercise systems.Our framework leverages advanced simulation techniques to generate scenarios that mirror actual network conditions faced by professionals in the field.The cornerstone of our approach is the use of a conditional tabular generative adversarial network(CTGAN),a sophisticated tool that synthesizes realistic synthetic network traffic by learning fromreal data patterns.This technology allows us to handle technical components and sensitive information with high fidelity,ensuring that the synthetic data maintains statistical characteristics similar to those observed in real network environments.By meticulously analyzing the data collected from various network layers and translating these into structured tabular formats,our framework can generate network traffic that closely resembles that found in actual scenarios.An integral part of our process involves deploying this synthetic data within a simulated network environment,structured on software-defined networking(SDN)principles,to test and refine the traffic patterns.This simulation not only facilitates a direct comparison between the synthetic and real traffic but also enables us to identify discrepancies and refine the accuracy of our simulations.Our initial findings indicate an error rate of approximately 29.28%between the synthetic and real traffic data,highlighting areas for further improvement and adjustment.By providing a diverse array of network scenarios through our framework,we aim to enhance the exercise systems used by cybersecurity professionals.This not only improves their ability to respond to actual cyber threats but also ensures that the exercise is cost-effective and efficient.
文摘In the digital age, the global character of the Internet has significantly improved our daily lives by providing access to large amounts of knowledge and allowing for seamless connections. However, this enormously interconnected world is not without its risks. Malicious URLs are a powerful menace, masquerading as legitimate links while holding the intent to hack computer systems or steal sensitive personal information. As the sophistication and frequency of cyberattacks increase, identifying bad URLs has emerged as a critical aspect of cybersecurity. This study presents a new approach that enables the average end-user to check URL safety using Microsoft Excel. Using the powerful VirusTotal API for URL inspections, this study creates an Excel add-in that integrates Python and Excel to deliver a seamless, user-friendly interface. Furthermore, the study improves Excel’s capabilities by allowing users to encrypt and decrypt text communications directly in the spreadsheet. Users may easily encrypt their conversations by simply typing a key and the required text into predefined cells, enhancing their personal cybersecurity with a layer of cryptographic secrecy. This strategy democratizes access to advanced cybersecurity solutions, making attentive digital integrity a feature rather than a daunting burden.
文摘This study investigates how cybersecurity can be enhanced through cloud computing solutions in the United States. The motive for this study is due to the rampant loss of data, breaches, and unauthorized access of internet criminals in the United States. The study adopted a survey research design, collecting data from 890 cloud professionals with relevant knowledge of cybersecurity and cloud computing. A machine learning approach was adopted, specifically a random forest classifier, an ensemble, and a decision tree model. Out of the features in the data, ten important features were selected using random forest feature importance, which helps to achieve the objective of the study. The study’s purpose is to enable organizations to develop suitable techniques to prevent cybercrime using random forest predictions as they relate to cloud services in the United States. The effectiveness of the models used is evaluated by utilizing validation matrices that include recall values, accuracy, and precision, in addition to F1 scores and confusion matrices. Based on evaluation scores (accuracy, precision, recall, and F1 scores) of 81.9%, 82.6%, and 82.1%, the results demonstrated the effectiveness of the random forest model. It showed the importance of machine learning algorithms in preventing cybercrime and boosting security in the cloud environment. It recommends that other machine learning models be adopted to see how to improve cybersecurity through cloud computing.
文摘The research consistently highlights the gender disparity in cybersecurity leadership roles, necessitating targeted interventions. Biased recruitment practices, limited STEM education opportunities for girls, and workplace culture contribute to this gap. Proposed solutions include addressing biased recruitment through gender-neutral language and blind processes, promoting STEM education for girls to increase qualified female candidates, and fostering inclusive workplace cultures with mentorship and sponsorship programs. Gender parity is crucial for the industry’s success, as embracing diversity enables the cybersecurity sector to leverage various perspectives, drive innovation, and effectively combat cyber threats. Achieving this balance is not just about fairness but also a strategic imperative. By embracing concerted efforts towards gender parity, we can create a more resilient and impactful cybersecurity landscape, benefiting industry and society.
